Curated blog with news, events, listings, jobsย and exciting stories about web design & web development.
iThemes Security Pro: Trusted Devices, Login Alerts & Session Hijacking Protection
In version 5.5, iThemes Security Pro is adding yet another layer of security to WordPress sites. It comes with various new features to protect WordPress from compromised user accounts including trusted devices, login alerts, and session hijacking protection.
Trusted Devices & Login Alerts
It’s a new way to monitor and identify the devices used to login to your WordPress websites. By adding security measures for unknown devices, you can lock down your WordPress sites and protect them from compromised user accounts.
If an unknown device wants to get access to your site, you will get notified of this attempt right in the WordPress admin bar. Then you can approve or deny devices right from the WordPress User Profile page. Optionally, you can also receive a customizable Unrecognized Login Notification email. For unrecognized sessions it is possible to restrict their admin-level capabilities to prevent them from editing their login details.
It also integrates with the “Remember Me” setting of the Two-Factor Authentication. That way, users wonโt need to enter their 2FA code for the next 30 days on the current device.
iThemes Security Pro uses geolocation to improve the accuracy of identifying a trusted device. Simply use the free MaxMind database or a paid MaxMind GeoIP2 Precision: City account for a high level of accuracy. As of 2020, MaxMind DB requires all users to create a (free) account to use their API.
Session Hijacking Protection
With session hijacking, also known as Cookie hijacking, hackers are able to take over control of your account while you are using it. However, iThemes Security Pro now provides you with an option to prevent session hijacking by checking that a userโs device does not change during a session.
If it changes during a session, the security plugin will automagically log the user out to prevent any unauthorized activity such as changing email addresses or uploading malicious plugins.
Current iThemes Security Pro, Plugin Suite & Toolkit customers will get their hands on the latest version as a free update.
Check Out iThemes Security Pro »
Biff Codes - The Job Board for WordPress Devs
Biff.codes is on a mission to revolutionize job boards. Post and find WordPress developer jobs for free.
FTC Disclosure: We may receive a payment in connection with purchases of products or services featured in this post.
